Senator Patrick Leahy (D-Vt.) has announced that he will not be supporting the controversial Electronic Communications Privacy Act (ECPA) Amendments Act, which he wrote, after fierce criticism arose from a variety of groups over his revision to the bill allowing federal agencies warrantless access to Americans’ e-mail accounts. The revised[2] version of the legislation was antithetical to the original measure, which included a requirement for a search warrant.

CNET News had reported of the revised bill,

Leahy’s rewritten bill would allow more than 22 agencies — including the Securities and Exchange Commission and the Federal Communications Commission — to access Americans’ email, Google Docs files, Facebook wall posts, and Twitter direct messages without a search warrant.

It also would give the FBI and Homeland Security more authority, in some circumstances, to gain full access to Internet accounts without notifying either the owner or a judge.

Agencies that would be granted civil subpoena authority for electronic communications through the revised legislation include the Federal Reserve, the Federal Trade Commission, the Federal Maritime Commission, the Postal Regulatory Commission, the National Labor Relations Board, and the Mine Enforcement Safety and Health Review Commission.

Leahy’s revisions [3]were significant, as the previous version of his bill required police to obtain a search warrant as a result of probable cause before they were permitted to access e-mail or other methods of communication.

But the outcry against the revisions forced Leahy to announce on Twitter Tuesday evening that he would “not support such an exception” for warrantless access. His remarks came just hours after CNET News published the article that exposed the revisions.

Leahy’s original bill was intended to revise the 1986 Electronic Communications Privacy Act (ECPA), which changed the privacy standards for electronic communications. Ars Technica, a website that is mainly devoted to technology, explained[4]:

When Congress passed the 1986 Electronic Communications Privacy Act[5] (ECPA), a time when massive online storage of e-mail was essentially unimaginable, it was presumed that if you hadn’t actually bothered to download your e-mail, it could be considered “abandoned” after 180 days. By that logic, law enforcement would not need a warrant to go to the e-mail provider or ISP to get the messages that are older than 180 days; police only need to show that they have “reasonable grounds to believe” the information gathered would be useful in an investigation. Many Americans[6] and legal scholars[7] have found this standard, in today’s world, problematic[8].

In an interview with Ars Technica, Chris Calabrese, legislative counsel at the American Civil Liberties Union observed,

[Currently] there’s a standard for what’s electronic communications services, and that’s where there’s the 180-day rule.

There’s a whole class of remote computing services, which were ones that did data processing back in the 1980s, but are now cloud computing. What this does is eliminate the distinction between the two and eliminate the 180 day rule and raise them all up to a warrant.

It’s very solid legislative language. It covers all private communications and would require a warrant to access them. Something that’s long overdue. We’re talking about a huge class of very private information and stuff that is so undisputedly private.

Leahy’s original legislation sought to address the problem, and the senator even boasted that his bill would provide “enhanced privacy protections for American consumers by … requiring that the government obtain a search warrant.”

At the time Leahy first introduced his bill, he told [9]attendees at the Computers Freedom and Privacy conference that he was required to obtain search warrants to search someone’s home during his previous career as a prosecutor. “I question whether it should be that much different if I’m going to search all your files [in electronic form],” he added.

When Leahy first introduced the legislation in September, Ars Technica reported:

Right now, if the cops want to read my e-mail, it’s pretty trivial for them to do so. All they have to do is ask my online e-mail provider. But a new bill set to be introduced[10] Thursday in the Senate Judiciary Committee by its chair, Sen. Patrick Leahy[11] (D-VT), seems to stand the best chance of finally changing that situation and giving e-mail stored on remote servers the same privacy protections as e-mail stored on one’s home computer.

CNET News explained that Leahy’s revisions were the result of pressure from law-enforcement agencies:

After law enforcement groups including the National District Attorneys’ Association and the National Sheriffs’ Association organizations objected to the legislation and asked him to “reconsider acting” on it, Leahy pushed back the vote and reworked the bill as a package of amendments.

U.S. Associate Deputy Attorney General James Baker, for example, warned that having to obtain a warrant to read e-mails could have an “adverse impact” on criminal investigations.

As noted by the ACLU’s Calabrese, Leahy’s revision of the original legislation “undercuts” its purpose. “We believe a warrant is the appropriate standard for any contents,” he declared.

Marc Rotenberg, head of the Electronic Privacy Information Center, points to the FBI’s reading of CIA Director David Petraeus’ e-mails as evidence that there should be “more judicial oversight.”

Eventually, criticism from a variety of civil rights groups and a petition to Congress with over 2,000 signatures entitled “Tell Congress: Stay Out of My Email,” however, compelled Senator Leahy to withdraw his support for the revised legislation.

A note from Leahy’s Twitter account states[12], “Technology has created vacuum in privacy protection. Sen. Leahy believes that needs to be fixed, and #ECPA needs privacy updates.”

CNET News reports, “This revised provision will come as a relief to privacy advocates and business lobbyists, who have been scrambling since last week to figure out how to respond to Leahy’s revamped legislation.”

Leahy’s record on privacy is a mixed one. While he introduced legislation in the 1990s to protect Americans’ right to use whatever encryption products they wanted, he also helped write the controversial Protect IP Act, which constitutionalists opposed as Internet censorship. Likewise, his work on the Patriot Act, according to The New Republic, made it “less protective of civil liberties.”